package com.sjn.user.config;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.web.SecurityFilterChain;

/**
 * @Author: sjn
 * @Data: 2025/6/18 16:23
 */
@Configuration
public class ResourceServerConfig {

    /**
     * Spring Security的安全过滤链，功能如下：
     * 允许所有用户访问 /public 路径
     * 其他所有请求必须经过认证
     * 启用 OAuth2 资源服务器支持，并基于 JWT 进行身份验证
     *
     * @param http
     * @return
     * @throws Exception
     */
    @Bean
    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
        http
                .authorizeHttpRequests(authorize -> authorize
                        .requestMatchers("/public").permitAll()
                        .anyRequest().authenticated()
                )
                .oauth2ResourceServer(oauth2 -> oauth2
                        .jwt(jwt -> {
                        }) // 修正配置方式
                );
        return http.build();
    }
}